TL;DR: Here I’ll be talking about an interesting bypass of the so-called «linkshim» system, which Facebook relies upon to protect its users from malicious URLs shared across the whole platform…

TL;DR: A CSRF vulnerability that could reset a Facebook user’s post-by-email address was hidden deep inside the Facebook mobile site: you first have to trigger some kind of legacy browser fallback, and then tweak a parameter or two to reach it!

TL;DR: Before Facebook’s migration to OAuth 2.0, it was possible to hijack a valid access token of any given pre-authorized Facebook app by injecting a specially crafted iframe through a simple MITM attack.